a567e01530357677c5f137e2caaa081d_JaffaCakes118 | Triage

Sharing

General

Target

a567e01530357677c5f137e2caaa081d_JaffaCakes118
Size

536KB
MD5

a567e01530357677c5f137e2caaa081d
SHA1

ad3e9d901430af750ae5638707d362b8a8eb8392
SHA256

32e70ee65b4b34e3492d46144d16e4f4944d671da146a398b7df244241978410
SHA512

82098572bd67d3e943d119840beb6b451a8db3c4c139cca59259411fc3eeac70b01771d2bc9154c659ce155505686d4679307f4063d02c77d0a0bf862fbb52d0
SSDEEP

12288:nHA9mUcrY8driIQHG2D1axkPKdMSgbVSOdcnVoWDj:nHA9FWY8BiIwG2BJFSPloWDj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a567e01530357677c5f137e2caaa081d_JaffaCakes118

Files

a567e01530357677c5f137e2caaa081d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\CONTECT\Desktop\Eject.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ